diff options
author | nagendra modadugu <ngm@google.com> | 2016-02-08 21:49:25 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-02-09 19:51:05 -0800 |
commit | cd5745f99c4a2afb8c4b41f97a0852846378e2d8 (patch) | |
tree | 60f8efa4dce4d0e59c305c52f9622b8c4b520c3f | |
parent | 5dca5807bd7b53fcc7899ffca593b29e0e7b95ae (diff) | |
download | chrome-ec-cd5745f99c4a2afb8c4b41f97a0852846378e2d8.tar.gz |
CR50: Include NUL byte from label for OAEP pad calculationstabilize-7912.B
If a label is specified, then the NUL terminating
character is considered part of the label per the
TPM2 implementation.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524
TEST=tests under test/tpm2/ pass.
Change-Id: If5fccc293f7ab52fd6c33e2f3c38695c2921d919
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/326910
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Marius Schilder <mschilder@chromium.org>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Marius Schilder <mschilder@chromium.org>
-rw-r--r-- | chip/g/dcrypto/rsa.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/chip/g/dcrypto/rsa.c b/chip/g/dcrypto/rsa.c index b6128923ef..92e9af4c59 100644 --- a/chip/g/dcrypto/rsa.c +++ b/chip/g/dcrypto/rsa.c @@ -91,7 +91,7 @@ static int oaep_pad(uint8_t *output, uint32_t output_len, else DCRYPTO_SHA256_init(&ctx, 0); - DCRYPTO_HASH_update(&ctx, label, label ? strlen(label) : 0); + DCRYPTO_HASH_update(&ctx, label, label ? strlen(label) + 1 : 0); memcpy(phash, DCRYPTO_HASH_final(&ctx), hash_size); *one = 1; memcpy(one + 1, msg, msg_len); @@ -131,7 +131,7 @@ static int check_oaep_pad(uint8_t *out, uint32_t *out_len, DCRYPTO_SHA1_init(&ctx, 0); else DCRYPTO_SHA256_init(&ctx, 0); - DCRYPTO_HASH_update(&ctx, label, label ? strlen(label) : 0); + DCRYPTO_HASH_update(&ctx, label, label ? strlen(label) + 1 : 0); bad = memcmp(phash, DCRYPTO_HASH_final(&ctx), hash_size); bad |= padded[0]; |